Businesses Rethinking Security Software Strategy, Gartner Says

Business are rethinking their risk management and security software strategy, according to a Gartner study.

Four key developments — the use of advanced analytics, expanded ecosystems, adoption of software as a service (SaaS) and managed services, and the prospect of punitive regulations — are driving these changes, the study said.

SPONSORED

“The overall security market is undergoing a period of disruption due to the rapid transition to cloud-based digital business and technology models that are changing how risk and security functions deliver value in an organization,” said Gartner analyst Deborah Kish in a statement. “At the same time, the threat landscape and rise in the number of high-impact security incidents are also creating demand for security technologies and innovations that deliver greater effectiveness.”

By 2020, advanced security analytics will be embedded in at least 75 percent of security products, the report said. Enterprises increasingly demand products that incorporate “smarter” predictive and prescriptive analytic technologies. These technologies help warn users of potential security incidents and provide guidance on optimal responses.

A variety of underlying technologies, such as artificial intelligence and machine learning, drive these more-advanced analytical capabilities. Successful vendors will work with customers to understand use cases where analytics will deliver value and augment limited security staff and resources, Gartner said.

Security M&A Activity

Given the sheer number of startups and smaller vendors pursuing innovative approaches to security, acquisition, integration, and consolidation are effective strategies to increase market share and enter completely new markets, Gartner said.

In many cases, mature vendors in search of continued growth are acquiring faster-growing companies from emerging adjacent markets.

“There have been several acquisitions in the last year and a half,” Kish wrote in an email. “Many of them have been for analytics, for example HPE acquiring Niara, Sophos acquiring Invincea and Barricade 10, IBM buying Agile 3, Splunk buying Caspida for UEBA, and Palo Alto buying CyberLight. Other acquisitions have been in the CASB space, Forcepoint buying the Skyfence product from Imperva, Cisco buying Cloudlock and Symantec buying BlueCoat (Blue Coat had earlier acquired two CASB vendors, Elastica and Perspecsys). Also, Fortinet buying AccelOps to get into the SIEM space.”

In other cases, vendors are optimizing profits by consolidating similar products under a single brand, therefore leveraging economies of scale by combining core functions, such as development, support, sales, and marketing.

“Symantec would be a good example of a provider consolidating security products and leveraging the assets for cloud security from a fast growing company,” Kish wrote. “BlueCoat grew 17 percent in 2015.”

SaaS On the Rise

As security buyers transition to digital business models, they show a preference for products in an as-a-service format, the report said. This includes risk management and security software-as-a-service.

This echoes another recent survey that found software as a service (57 percent) and security as a service (51 percent) ranked as the two leading cloud computing models adopted by enterprises.

Despite this shift to software- and security-as-a-service, providers must consider the financial implications of maintaining support for legacy security products while investing in an as-a-service product or managed service.

“If a vendor comes from a hardware legacy it must support the hardware products during the transition to a services based business,” Kish wrote. “Many customers will continue to utilize hardware based products, in part to leverage existing investments, because they do not yet ‘trust’ capabilities or products based purely on software in the cloud and (usually in government organizations) that may never use cloud, based on internal policies. Our recommendation is that vendors should plan to make the transition to cloud services as quickly as possible so as to avoid having a bloated cost structure supporting two different delivery models for an extended period of time.”

Jessica is a Senior Editor, covering next-generation data centers, security, and software-defined storage at SDxCentral. She has worked as an editor and reporter for more than 15 years at a number of B2B publications including Environmental Leader, Energy Manager Today, Solar Novus Today and Silicon Valley Business Journal. Jessica is based in the Silicon Valley.

New Report: 2017 Network Virtualization Report

2017 Network Virtualization Report is available for free download. This FREE Report provides insight into the maturation of the overall network virtualization and SDN controller market, including the innovations in cloud networking

Free Report: 2017 Container and Cloud Orchestration

2017 Container and Cloud Orchestration Report is available for free download. This Free Report focuses on containers, cloud management, DevOps, orchestration, and automation solutions including key requirements to look for, and a sampling of vendor solutions available today.

Our Latest News In Your Mailbox!

To join our weekly or daily mailing list, and ensure that you are first to know about the latest in SDN and NFV sign up for the SDxCentral site and join our community!

About SDxCentral

Engage With us

This material may not be copied, reproduced, or modified in whole or in part for any purpose except with express written permission from an authorized representative of SDNCentral, LLC. In addition to such written permission to copy, reproduce, or modify this document in whole or part, an acknowledgement of the authors of the document and all applicable portions of the copyright notice must be clearly referenced. All Rights Reserved.